Resolve internal website without www. in front?

Ryan Schurman
Ryan Schurman used Ask the Experts™
on
I have a website in our DMZ that is published internally and externally through TMG 2010.  Our domain, contoso.com in this case, is the same both internally and externally.  The site url is published as http://www.contoso.com and http://contoso.com.  We have this working externally with our ISP, but are not sure how to configure our DNS internally to make the http://contoso.com link resolve to the internal firewall IP address.  We have active directory and DNS running on Server 2008 R2 servers.  
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
I have found that this is tricky on the internal domain if AD is used as the Domain controllers all have records for the domain name or contoso.com.  You can't enter a CNAME for contoso.com like you can using external dns or the all others or * domain name, with out removing the records that point to the DCs in DNS first.  There are I believe someways to work around this, but I have had no luck myself.
I assume you have www.contoso up and running?
To get http://contoso.com running create an empty host in the contoso domain and the ip address you want it to go to.

Author

Commented:
Yes.  www.contoso.com is running internally using an A record.  But contoso.com resolves to the domain controllers.
Python 3 Fundamentals

This course will teach participants about installing and configuring Python, syntax, importing, statements, types, strings, booleans, files, lists, tuples, comprehensions, functions, and classes.

when you add an empty host it asks you for an ip give it and it will them send you in the correct direction.
That is the behavior that is supposed to happen when using AD, changing that can break things in AD, I myself have yet to find a way to change this.  

Author

Commented:
In response to DBrookfield:

You will also have an empty host record for each DC.  This will cause sporadic behavior.


In response to Cheever000:

A co-worker of mine found that you could install IIS on each DC and redirect web requests to the web site.  Not a desired solution, though.  I think you are correct in that there is no good way for the http://contoso.com site to resolve internally.
Hey thanks, thats something to think about too still isn't that great.
I'm sorry were we talking about the AD? Thought this was just a point http://mydomain.com using windows DNS?
Contoso is just crazy MS terminology. Out of interest what are you actually trying to do? What benefit are you trying to get by doing this?
Also in reply to the empty host it's exactly how it's done in SBS so why does it break AD?
Further to this AFAIK in windows DNS you have the same issue with subdomains and host names. I.e if you have a host name admin.mydomain and you also have a subdomain called admin then you have to create an empty host in the subdomain.
Ahh that would be the bit, I didn't see, contoso resolves to the DC.
I'll ask again what are you really trying to do, it sounds like you're trying to answer a Microsoft test question? Is this theoretical or real world?
If it's real world then what are you trying to do? http://mydomain.com does what? or is it exactly the same as www and you just want people to be able to use it?
 
 

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial